Filtered by vendor Evershop
Subscribe
Search
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-46499 | 1 Evershop | 1 Evershop | 2023-12-12 | N/A | 6.1 MEDIUM |
| Cross Site Scripting vulnerability in EverShop NPM versions before v.1.0.0-rc.5 allows a remote attacker to obtain sensitive information via a crafted scripts to the Admin Panel. | |||||
| CVE-2023-46497 | 1 Evershop | 1 Evershop | 2023-12-12 | N/A | 5.4 MEDIUM |
| Directory Traversal vulnerability in EverShop NPM versions before v.1.0.0-rc.8 allows a remote attacker to obtain sensitive information via a crafted request to the mkdirSync function in the folderCreate/createFolder.js endpoint. | |||||
| CVE-2023-46494 | 1 Evershop | 1 Evershop | 2023-12-12 | N/A | 6.1 MEDIUM |
| Cross Site Scripting vulnerability in EverShop NPM versions before v.1.0.0-rc.5 allows a remote attacker to obtain sensitive information via a crafted request to the ProductGrid function in admin/productGrid/Grid.jsx. | |||||
| CVE-2023-46495 | 1 Evershop | 1 Evershop | 2023-12-12 | N/A | 6.1 MEDIUM |
| Cross Site Scripting vulnerability in EverShop NPM versions before v.1.0.0-rc.8 allows a remote attacker to obtain sensitive information via a crafted request to the sortBy parameter. | |||||
| CVE-2023-46493 | 1 Evershop | 1 Evershop | 2023-12-12 | N/A | 5.3 MEDIUM |
| Directory Traversal vulnerability in EverShop NPM versions before v.1.0.0-rc.8 allows a remote attacker to obtain sensitive information via a crafted request to the readDirSync function in fileBrowser/browser.js. | |||||